login.c revision 1.101
1 1.101 christos /* $NetBSD: login.c,v 1.101 2012/04/23 20:57:04 christos Exp $ */ 2 1.12 jtc 3 1.1 cgd /*- 4 1.12 jtc * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 5 1.10 brezak * The Regents of the University of California. All rights reserved. 6 1.1 cgd * 7 1.1 cgd * Redistribution and use in source and binary forms, with or without 8 1.1 cgd * modification, are permitted provided that the following conditions 9 1.1 cgd * are met: 10 1.1 cgd * 1. Redistributions of source code must retain the above copyright 11 1.1 cgd * notice, this list of conditions and the following disclaimer. 12 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright 13 1.1 cgd * notice, this list of conditions and the following disclaimer in the 14 1.1 cgd * documentation and/or other materials provided with the distribution. 15 1.73 agc * 3. Neither the name of the University nor the names of its contributors 16 1.1 cgd * may be used to endorse or promote products derived from this software 17 1.1 cgd * without specific prior written permission. 18 1.1 cgd * 19 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 1.1 cgd * SUCH DAMAGE. 30 1.1 cgd */ 31 1.1 cgd 32 1.24 lukem #include <sys/cdefs.h> 33 1.1 cgd #ifndef lint 34 1.96 lukem __COPYRIGHT("@(#) Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994\ 35 1.96 lukem The Regents of the University of California. All rights reserved."); 36 1.1 cgd #endif /* not lint */ 37 1.1 cgd 38 1.1 cgd #ifndef lint 39 1.12 jtc #if 0 40 1.12 jtc static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; 41 1.12 jtc #endif 42 1.101 christos __RCSID("$NetBSD: login.c,v 1.101 2012/04/23 20:57:04 christos Exp $"); 43 1.1 cgd #endif /* not lint */ 44 1.1 cgd 45 1.1 cgd /* 46 1.1 cgd * login [ name ] 47 1.1 cgd * login -h hostname (for telnetd, etc.) 48 1.1 cgd * login -f name (for pre-authenticated login: datakit, xterm, etc.) 49 1.1 cgd */ 50 1.1 cgd 51 1.1 cgd #include <sys/param.h> 52 1.1 cgd #include <sys/stat.h> 53 1.1 cgd #include <sys/time.h> 54 1.1 cgd #include <sys/resource.h> 55 1.1 cgd #include <sys/file.h> 56 1.38 mrg #include <sys/wait.h> 57 1.67 christos #include <sys/socket.h> 58 1.1 cgd 59 1.12 jtc #include <err.h> 60 1.5 cgd #include <errno.h> 61 1.1 cgd #include <grp.h> 62 1.1 cgd #include <pwd.h> 63 1.12 jtc #include <setjmp.h> 64 1.12 jtc #include <signal.h> 65 1.19 veego #include <stdio.h> 66 1.5 cgd #include <stdlib.h> 67 1.1 cgd #include <string.h> 68 1.12 jtc #include <syslog.h> 69 1.36 kleink #include <time.h> 70 1.12 jtc #include <ttyent.h> 71 1.12 jtc #include <tzfile.h> 72 1.12 jtc #include <unistd.h> 73 1.95 christos #include <sysexits.h> 74 1.67 christos #ifdef SUPPORT_UTMP 75 1.12 jtc #include <utmp.h> 76 1.66 christos #endif 77 1.67 christos #ifdef SUPPORT_UTMPX 78 1.66 christos #include <utmpx.h> 79 1.66 christos #endif 80 1.13 jtc #include <util.h> 81 1.29 mycroft #ifdef SKEY 82 1.29 mycroft #include <skey.h> 83 1.29 mycroft #endif 84 1.25 mycroft #ifdef KERBEROS5 85 1.45 christos #include <krb5/krb5.h> 86 1.99 christos #include <krb5/com_err.h> 87 1.25 mycroft #endif 88 1.48 mjl #ifdef LOGIN_CAP 89 1.48 mjl #include <login_cap.h> 90 1.48 mjl #endif 91 1.79 christos #include <vis.h> 92 1.25 mycroft 93 1.1 cgd #include "pathnames.h" 94 1.97 christos #include "common.h" 95 1.1 cgd 96 1.57 aidan #ifdef KERBEROS5 97 1.57 aidan int login_krb5_forwardable_tgt = 0; 98 1.97 christos static int login_krb5_get_tickets = 1; 99 1.97 christos static int login_krb5_retain_ccache = 0; 100 1.57 aidan #endif 101 1.57 aidan 102 1.97 christos static void checknologin(char *); 103 1.44 aidan #ifdef KERBEROS5 104 1.81 xtraeme int k5login(struct passwd *, char *, char *, char *); 105 1.81 xtraeme void k5destroy(void); 106 1.99 christos int k5_read_creds(const char *); 107 1.81 xtraeme int k5_write_creds(void); 108 1.57 aidan #endif 109 1.89 wiz #if defined(KERBEROS5) 110 1.97 christos static void dofork(void); 111 1.44 aidan #endif 112 1.97 christos static void usage(void); 113 1.12 jtc 114 1.1 cgd #define TTYGRPNAME "tty" /* name of group to own ttys */ 115 1.1 cgd 116 1.50 mjl #define DEFAULT_BACKOFF 3 117 1.50 mjl #define DEFAULT_RETRIES 10 118 1.48 mjl 119 1.89 wiz #if defined(KERBEROS5) 120 1.57 aidan int has_ccache = 0; 121 1.101 christos int notickets = 1; 122 1.25 mycroft extern krb5_context kcontext; 123 1.44 aidan extern int have_forward; 124 1.57 aidan extern char *krb5tkfile_env; 125 1.60 thorpej extern int krb5_configured; 126 1.60 thorpej #endif 127 1.60 thorpej 128 1.100 christos static char *instance; 129 1.100 christos 130 1.89 wiz #if defined(KERBEROS5) 131 1.60 thorpej #define KERBEROS_CONFIGURED krb5_configured 132 1.25 mycroft #endif 133 1.1 cgd 134 1.97 christos extern char **environ; 135 1.34 thorpej 136 1.5 cgd int 137 1.80 xtraeme main(int argc, char *argv[]) 138 1.1 cgd { 139 1.5 cgd struct group *gr; 140 1.5 cgd struct stat st; 141 1.29 mycroft int ask, ch, cnt, fflag, hflag, pflag, sflag, quietlog, rootlogin, rval; 142 1.44 aidan int Fflag; 143 1.33 hubertf uid_t uid, saved_uid; 144 1.35 hubertf gid_t saved_gid, saved_gids[NGROUPS_MAX]; 145 1.35 hubertf int nsaved_gids; 146 1.99 christos char *domain, *p, *ttyn; 147 1.99 christos const char *pwprompt; 148 1.1 cgd char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; 149 1.37 mrg char localhost[MAXHOSTNAMELEN + 1]; 150 1.29 mycroft int need_chpass, require_chpass; 151 1.48 mjl int login_retries = DEFAULT_RETRIES, 152 1.48 mjl login_backoff = DEFAULT_BACKOFF; 153 1.48 mjl time_t pw_warntime = _PASSWORD_WARNDAYS * SECSPERDAY; 154 1.25 mycroft #ifdef KERBEROS5 155 1.25 mycroft krb5_error_code kerror; 156 1.25 mycroft #endif 157 1.89 wiz #if defined(KERBEROS5) 158 1.57 aidan int got_tickets = 0; 159 1.57 aidan #endif 160 1.48 mjl #ifdef LOGIN_CAP 161 1.49 mjl char *shell = NULL; 162 1.48 mjl login_cap_t *lc = NULL; 163 1.48 mjl #endif 164 1.1 cgd 165 1.20 lukem tbuf[0] = '\0'; 166 1.20 lukem rval = 0; 167 1.20 lukem pwprompt = NULL; 168 1.70 itojun nested = NULL; 169 1.29 mycroft need_chpass = require_chpass = 0; 170 1.20 lukem 171 1.1 cgd (void)signal(SIGALRM, timedout); 172 1.12 jtc (void)alarm(timeout); 173 1.1 cgd (void)signal(SIGQUIT, SIG_IGN); 174 1.1 cgd (void)signal(SIGINT, SIG_IGN); 175 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, 0); 176 1.1 cgd 177 1.63 lukem openlog("login", 0, LOG_AUTH); 178 1.1 cgd 179 1.1 cgd /* 180 1.1 cgd * -p is used by getty to tell login not to destroy the environment 181 1.5 cgd * -f is used to skip a second login authentication 182 1.66 christos * -h is used by other servers to pass the name of the remote host to 183 1.66 christos * login so that it may be placed in utmp/utmpx and wtmp/wtmpx 184 1.87 jnemeth * -a in addition to -h, a server may supply -a to pass the actual 185 1.79 christos * server address. 186 1.20 lukem * -s is used to force use of S/Key or equivalent. 187 1.1 cgd */ 188 1.1 cgd domain = NULL; 189 1.1 cgd if (gethostname(localhost, sizeof(localhost)) < 0) 190 1.1 cgd syslog(LOG_ERR, "couldn't get local hostname: %m"); 191 1.1 cgd else 192 1.12 jtc domain = strchr(localhost, '.'); 193 1.37 mrg localhost[sizeof(localhost) - 1] = '\0'; 194 1.1 cgd 195 1.44 aidan Fflag = fflag = hflag = pflag = sflag = 0; 196 1.79 christos have_ss = 0; 197 1.44 aidan #ifdef KERBEROS5 198 1.44 aidan have_forward = 0; 199 1.44 aidan #endif 200 1.1 cgd uid = getuid(); 201 1.79 christos while ((ch = getopt(argc, argv, "a:Ffh:ps")) != -1) 202 1.1 cgd switch (ch) { 203 1.79 christos case 'a': 204 1.79 christos if (uid) 205 1.95 christos errx(EXIT_FAILURE, "-a option: %s", strerror(EPERM)); 206 1.79 christos decode_ss(optarg); 207 1.82 christos #ifdef notdef 208 1.82 christos (void)sockaddr_snprintf(optarg, 209 1.82 christos sizeof(struct sockaddr_storage), "%a", (void *)&ss); 210 1.82 christos #endif 211 1.79 christos break; 212 1.44 aidan case 'F': 213 1.44 aidan Fflag = 1; 214 1.44 aidan /* FALLTHROUGH */ 215 1.1 cgd case 'f': 216 1.1 cgd fflag = 1; 217 1.1 cgd break; 218 1.1 cgd case 'h': 219 1.12 jtc if (uid) 220 1.95 christos errx(EXIT_FAILURE, "-h option: %s", strerror(EPERM)); 221 1.1 cgd hflag = 1; 222 1.79 christos #ifdef notdef 223 1.23 mikel if (domain && (p = strchr(optarg, '.')) != NULL && 224 1.1 cgd strcasecmp(p, domain) == 0) 225 1.79 christos *p = '\0'; 226 1.79 christos #endif 227 1.1 cgd hostname = optarg; 228 1.1 cgd break; 229 1.1 cgd case 'p': 230 1.1 cgd pflag = 1; 231 1.1 cgd break; 232 1.20 lukem case 's': 233 1.29 mycroft sflag = 1; 234 1.20 lukem break; 235 1.29 mycroft default: 236 1.1 cgd case '?': 237 1.79 christos usage(); 238 1.79 christos break; 239 1.1 cgd } 240 1.82 christos 241 1.82 christos setproctitle(NULL); 242 1.1 cgd argc -= optind; 243 1.1 cgd argv += optind; 244 1.5 cgd 245 1.1 cgd if (*argv) { 246 1.99 christos username = instance = *argv; 247 1.1 cgd ask = 0; 248 1.1 cgd } else 249 1.1 cgd ask = 1; 250 1.1 cgd 251 1.82 christos #ifdef F_CLOSEM 252 1.82 christos (void)fcntl(3, F_CLOSEM, 0); 253 1.82 christos #else 254 1.1 cgd for (cnt = getdtablesize(); cnt > 2; cnt--) 255 1.5 cgd (void)close(cnt); 256 1.82 christos #endif 257 1.1 cgd 258 1.5 cgd ttyn = ttyname(STDIN_FILENO); 259 1.1 cgd if (ttyn == NULL || *ttyn == '\0') { 260 1.5 cgd (void)snprintf(tname, sizeof(tname), "%s??", _PATH_TTY); 261 1.1 cgd ttyn = tname; 262 1.1 cgd } 263 1.82 christos if ((tty = strstr(ttyn, "/pts/")) != NULL) 264 1.82 christos ++tty; 265 1.82 christos else if ((tty = strrchr(ttyn, '/')) != NULL) 266 1.1 cgd ++tty; 267 1.1 cgd else 268 1.1 cgd tty = ttyn; 269 1.25 mycroft 270 1.70 itojun if (issetugid()) { 271 1.70 itojun nested = strdup(user_from_uid(getuid(), 0)); 272 1.70 itojun if (nested == NULL) { 273 1.93 isaki syslog(LOG_ERR, "strdup: %m"); 274 1.95 christos sleepexit(EXIT_FAILURE); 275 1.70 itojun } 276 1.70 itojun } 277 1.70 itojun 278 1.48 mjl #ifdef LOGIN_CAP 279 1.48 mjl /* Get "login-retries" and "login-backoff" from default class */ 280 1.55 enami if ((lc = login_getclass(NULL)) != NULL) { 281 1.55 enami login_retries = (int)login_getcapnum(lc, "login-retries", 282 1.55 enami DEFAULT_RETRIES, DEFAULT_RETRIES); 283 1.55 enami login_backoff = (int)login_getcapnum(lc, "login-backoff", 284 1.55 enami DEFAULT_BACKOFF, DEFAULT_BACKOFF); 285 1.48 mjl login_close(lc); 286 1.48 mjl lc = NULL; 287 1.55 enami } 288 1.48 mjl #endif 289 1.48 mjl 290 1.25 mycroft #ifdef KERBEROS5 291 1.25 mycroft kerror = krb5_init_context(&kcontext); 292 1.25 mycroft if (kerror) { 293 1.61 thorpej /* 294 1.61 thorpej * If Kerberos is not configured, that is, we are 295 1.61 thorpej * not using Kerberos, do not log the error message. 296 1.61 thorpej * However, if Kerberos is configured, and the 297 1.61 thorpej * context init fails for some other reason, we need 298 1.61 thorpej * to issue a no tickets warning to the user when the 299 1.61 thorpej * login succeeds. 300 1.61 thorpej */ 301 1.61 thorpej if (kerror != ENXIO) { /* XXX NetBSD-local Heimdal hack */ 302 1.61 thorpej syslog(LOG_NOTICE, 303 1.61 thorpej "%s when initializing Kerberos context", 304 1.61 thorpej error_message(kerror)); 305 1.61 thorpej krb5_configured = 1; 306 1.61 thorpej } 307 1.57 aidan login_krb5_get_tickets = 0; 308 1.58 aidan } 309 1.64 cgd #endif /* KERBEROS5 */ 310 1.1 cgd 311 1.1 cgd for (cnt = 0;; ask = 1) { 312 1.99 christos char *ptr; 313 1.57 aidan #if defined(KERBEROS5) 314 1.57 aidan if (login_krb5_get_tickets) 315 1.57 aidan k5destroy(); 316 1.57 aidan #endif 317 1.1 cgd if (ask) { 318 1.1 cgd fflag = 0; 319 1.99 christos instance = getloginname(); 320 1.1 cgd } 321 1.5 cgd rootlogin = 0; 322 1.99 christos ptr = instance; 323 1.10 brezak #ifdef KERBEROS5 324 1.99 christos if ((instance = strchr(instance, '/')) != NULL) 325 1.10 brezak *instance++ = '\0'; 326 1.29 mycroft else 327 1.99 christos instance = __UNCONST(""); 328 1.10 brezak #endif 329 1.99 christos username = trimloginname(ptr); 330 1.1 cgd /* 331 1.1 cgd * Note if trying multiple user names; log failures for 332 1.1 cgd * previous user name, but don't bother logging one failure 333 1.1 cgd * for nonexistent name (mistyped username). 334 1.1 cgd */ 335 1.1 cgd if (failures && strcmp(tbuf, username)) { 336 1.1 cgd if (failures > (pwd ? 0 : 1)) 337 1.1 cgd badlogin(tbuf); 338 1.1 cgd failures = 0; 339 1.1 cgd } 340 1.71 itojun (void)strlcpy(tbuf, username, sizeof(tbuf)); 341 1.1 cgd 342 1.90 hubertf pwd = getpwnam(username); 343 1.1 cgd 344 1.48 mjl #ifdef LOGIN_CAP 345 1.48 mjl /* 346 1.48 mjl * Establish the class now, before we might goto 347 1.48 mjl * within the next block. pwd can be NULL since it 348 1.52 mjl * falls back to the "default" class if it is. 349 1.52 mjl */ 350 1.52 mjl lc = login_getclass(pwd ? pwd->pw_class : NULL); 351 1.48 mjl #endif 352 1.1 cgd /* 353 1.1 cgd * if we have a valid account name, and it doesn't have a 354 1.1 cgd * password, or the -f option was specified and the caller 355 1.1 cgd * is root or the caller isn't changing their uid, don't 356 1.1 cgd * authenticate. 357 1.1 cgd */ 358 1.7 mycroft if (pwd) { 359 1.7 mycroft if (pwd->pw_uid == 0) 360 1.7 mycroft rootlogin = 1; 361 1.7 mycroft 362 1.8 mycroft if (fflag && (uid == 0 || uid == pwd->pw_uid)) { 363 1.7 mycroft /* already authenticated */ 364 1.44 aidan #ifdef KERBEROS5 365 1.57 aidan if (login_krb5_get_tickets && Fflag) 366 1.44 aidan k5_read_creds(username); 367 1.44 aidan #endif 368 1.7 mycroft break; 369 1.7 mycroft } else if (pwd->pw_passwd[0] == '\0') { 370 1.7 mycroft /* pretend password okay */ 371 1.7 mycroft rval = 0; 372 1.7 mycroft goto ttycheck; 373 1.7 mycroft } 374 1.7 mycroft } 375 1.7 mycroft 376 1.1 cgd fflag = 0; 377 1.1 cgd 378 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, -4); 379 1.1 cgd 380 1.27 mycroft #ifdef SKEY 381 1.29 mycroft if (skey_haskey(username) == 0) { 382 1.29 mycroft static char skprompt[80]; 383 1.59 thorpej const char *skinfo = skey_keyinfo(username); 384 1.20 lukem 385 1.75 itojun (void)snprintf(skprompt, sizeof(skprompt), 386 1.83 tron "Password [ %s ]:", 387 1.29 mycroft skinfo ? skinfo : "error getting challenge"); 388 1.29 mycroft pwprompt = skprompt; 389 1.29 mycroft } else 390 1.27 mycroft #endif 391 1.29 mycroft pwprompt = "Password:"; 392 1.27 mycroft 393 1.29 mycroft p = getpass(pwprompt); 394 1.1 cgd 395 1.29 mycroft if (pwd == NULL) { 396 1.29 mycroft rval = 1; 397 1.29 mycroft goto skip; 398 1.29 mycroft } 399 1.29 mycroft #ifdef KERBEROS5 400 1.57 aidan if (login_krb5_get_tickets && 401 1.57 aidan k5login(pwd, instance, localhost, p) == 0) { 402 1.29 mycroft rval = 0; 403 1.57 aidan got_tickets = 1; 404 1.57 aidan } 405 1.57 aidan #endif 406 1.89 wiz #if defined(KERBEROS5) 407 1.57 aidan if (got_tickets) 408 1.29 mycroft goto skip; 409 1.29 mycroft #endif 410 1.20 lukem #ifdef SKEY 411 1.29 mycroft if (skey_haskey(username) == 0 && 412 1.29 mycroft skey_passcheck(username, p) != -1) { 413 1.29 mycroft rval = 0; 414 1.29 mycroft goto skip; 415 1.29 mycroft } 416 1.20 lukem #endif 417 1.29 mycroft if (!sflag && *pwd->pw_passwd != '\0' && 418 1.29 mycroft !strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd)) { 419 1.29 mycroft rval = 0; 420 1.29 mycroft require_chpass = 1; 421 1.29 mycroft goto skip; 422 1.29 mycroft } 423 1.29 mycroft rval = 1; 424 1.29 mycroft 425 1.29 mycroft skip: 426 1.29 mycroft memset(p, 0, strlen(p)); 427 1.1 cgd 428 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, 0); 429 1.1 cgd 430 1.7 mycroft ttycheck: 431 1.1 cgd /* 432 1.1 cgd * If trying to log in as root without Kerberos, 433 1.1 cgd * but with insecure terminal, refuse the login attempt. 434 1.1 cgd */ 435 1.7 mycroft if (pwd && !rval && rootlogin && !rootterm(tty)) { 436 1.87 jnemeth (void)printf("Login incorrect or refused on this " 437 1.87 jnemeth "terminal.\n"); 438 1.1 cgd if (hostname) 439 1.1 cgd syslog(LOG_NOTICE, 440 1.1 cgd "LOGIN %s REFUSED FROM %s ON TTY %s", 441 1.1 cgd pwd->pw_name, hostname, tty); 442 1.1 cgd else 443 1.1 cgd syslog(LOG_NOTICE, 444 1.1 cgd "LOGIN %s REFUSED ON TTY %s", 445 1.1 cgd pwd->pw_name, tty); 446 1.1 cgd continue; 447 1.1 cgd } 448 1.1 cgd 449 1.1 cgd if (pwd && !rval) 450 1.1 cgd break; 451 1.1 cgd 452 1.87 jnemeth (void)printf("Login incorrect or refused on this " 453 1.87 jnemeth "terminal.\n"); 454 1.1 cgd failures++; 455 1.48 mjl cnt++; 456 1.88 jnemeth /* 457 1.88 jnemeth * We allow login_retries tries, but after login_backoff 458 1.88 jnemeth * we start backing off. These default to 10 and 3 459 1.88 jnemeth * respectively. 460 1.88 jnemeth */ 461 1.50 mjl if (cnt > login_backoff) { 462 1.48 mjl if (cnt >= login_retries) { 463 1.1 cgd badlogin(username); 464 1.95 christos sleepexit(EXIT_FAILURE); 465 1.1 cgd } 466 1.88 jnemeth sleep((u_int)((cnt - login_backoff) * 5)); 467 1.1 cgd } 468 1.1 cgd } 469 1.1 cgd 470 1.1 cgd /* committed to login -- turn off timeout */ 471 1.1 cgd (void)alarm((u_int)0); 472 1.1 cgd 473 1.1 cgd endpwent(); 474 1.1 cgd 475 1.1 cgd /* if user not super-user, check for disabled logins */ 476 1.48 mjl #ifdef LOGIN_CAP 477 1.93 isaki if (!login_getcapbool(lc, "ignorenologin", rootlogin)) 478 1.52 mjl checknologin(login_getcapstr(lc, "nologin", NULL, NULL)); 479 1.48 mjl #else 480 1.93 isaki if (!rootlogin) 481 1.93 isaki checknologin(NULL); 482 1.48 mjl #endif 483 1.1 cgd 484 1.48 mjl #ifdef LOGIN_CAP 485 1.93 isaki quietlog = login_getcapbool(lc, "hushlogin", 0); 486 1.48 mjl #else 487 1.93 isaki quietlog = 0; 488 1.48 mjl #endif 489 1.33 hubertf /* Temporarily give up special privileges so we can change */ 490 1.33 hubertf /* into NFS-mounted homes that are exported for non-root */ 491 1.33 hubertf /* access and have mode 7x0 */ 492 1.33 hubertf saved_uid = geteuid(); 493 1.35 hubertf saved_gid = getegid(); 494 1.35 hubertf nsaved_gids = getgroups(NGROUPS_MAX, saved_gids); 495 1.35 hubertf 496 1.35 hubertf (void)setegid(pwd->pw_gid); 497 1.35 hubertf initgroups(username, pwd->pw_gid); 498 1.35 hubertf (void)seteuid(pwd->pw_uid); 499 1.33 hubertf 500 1.1 cgd if (chdir(pwd->pw_dir) < 0) { 501 1.48 mjl #ifdef LOGIN_CAP 502 1.93 isaki if (login_getcapbool(lc, "requirehome", 0)) { 503 1.55 enami (void)printf("Home directory %s required\n", 504 1.55 enami pwd->pw_dir); 505 1.95 christos sleepexit(EXIT_FAILURE); 506 1.48 mjl } 507 1.48 mjl #endif 508 1.1 cgd (void)printf("No home directory %s!\n", pwd->pw_dir); 509 1.95 christos if (chdir("/") == -1) 510 1.95 christos exit(EXIT_FAILURE); 511 1.99 christos pwd->pw_dir = __UNCONST("/"); 512 1.1 cgd (void)printf("Logging in with home = \"/\".\n"); 513 1.1 cgd } 514 1.1 cgd 515 1.55 enami if (!quietlog) 516 1.48 mjl quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; 517 1.33 hubertf 518 1.33 hubertf /* regain special privileges */ 519 1.33 hubertf (void)seteuid(saved_uid); 520 1.35 hubertf setgroups(nsaved_gids, saved_gids); 521 1.35 hubertf (void)setegid(saved_gid); 522 1.1 cgd 523 1.48 mjl #ifdef LOGIN_CAP 524 1.93 isaki pw_warntime = login_getcaptime(lc, "password-warn", 525 1.93 isaki _PASSWORD_WARNDAYS * SECSPERDAY, 526 1.93 isaki _PASSWORD_WARNDAYS * SECSPERDAY); 527 1.48 mjl #endif 528 1.48 mjl 529 1.98 plunky (void)gettimeofday(&now, NULL); 530 1.40 ross if (pwd->pw_expire) { 531 1.66 christos if (now.tv_sec >= pwd->pw_expire) { 532 1.1 cgd (void)printf("Sorry -- your account has expired.\n"); 533 1.95 christos sleepexit(EXIT_FAILURE); 534 1.66 christos } else if (pwd->pw_expire - now.tv_sec < pw_warntime && 535 1.55 enami !quietlog) 536 1.1 cgd (void)printf("Warning: your account expires on %s", 537 1.1 cgd ctime(&pwd->pw_expire)); 538 1.40 ross } 539 1.40 ross if (pwd->pw_change) { 540 1.30 mycroft if (pwd->pw_change == _PASSWORD_CHGNOW) 541 1.30 mycroft need_chpass = 1; 542 1.66 christos else if (now.tv_sec >= pwd->pw_change) { 543 1.31 mycroft (void)printf("Sorry -- your password has expired.\n"); 544 1.95 christos sleepexit(EXIT_FAILURE); 545 1.66 christos } else if (pwd->pw_change - now.tv_sec < pw_warntime && 546 1.55 enami !quietlog) 547 1.30 mycroft (void)printf("Warning: your password expires on %s", 548 1.30 mycroft ctime(&pwd->pw_change)); 549 1.1 cgd 550 1.40 ross } 551 1.5 cgd /* Nothing else left to fail -- really log in. */ 552 1.97 christos update_db(quietlog, rootlogin, fflag); 553 1.1 cgd 554 1.1 cgd (void)chown(ttyn, pwd->pw_uid, 555 1.1 cgd (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 556 1.15 gwr 557 1.15 gwr if (ttyaction(ttyn, "login", pwd->pw_name)) 558 1.15 gwr (void)printf("Warning: ttyaction failed.\n"); 559 1.15 gwr 560 1.89 wiz #if defined(KERBEROS5) 561 1.10 brezak /* Fork so that we can call kdestroy */ 562 1.89 wiz if (! login_krb5_retain_ccache && has_ccache) 563 1.29 mycroft dofork(); 564 1.10 brezak #endif 565 1.53 mjl 566 1.53 mjl /* Destroy environment unless user has requested its preservation. */ 567 1.53 mjl if (!pflag) 568 1.53 mjl environ = envinit; 569 1.53 mjl 570 1.48 mjl #ifdef LOGIN_CAP 571 1.70 itojun if (nested == NULL && setusercontext(lc, pwd, pwd->pw_uid, 572 1.70 itojun LOGIN_SETLOGIN) != 0) { 573 1.70 itojun syslog(LOG_ERR, "setusercontext failed"); 574 1.95 christos exit(EXIT_FAILURE); 575 1.70 itojun } 576 1.70 itojun if (setusercontext(lc, pwd, pwd->pw_uid, 577 1.70 itojun (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETLOGIN))) != 0) { 578 1.52 mjl syslog(LOG_ERR, "setusercontext failed"); 579 1.95 christos exit(EXIT_FAILURE); 580 1.48 mjl } 581 1.52 mjl #else 582 1.1 cgd (void)setgid(pwd->pw_gid); 583 1.1 cgd 584 1.1 cgd initgroups(username, pwd->pw_gid); 585 1.48 mjl 586 1.70 itojun if (nested == NULL && setlogin(pwd->pw_name) < 0) 587 1.48 mjl syslog(LOG_ERR, "setlogin() failure: %m"); 588 1.48 mjl 589 1.48 mjl /* Discard permissions last so can't get killed and drop core. */ 590 1.48 mjl if (rootlogin) 591 1.48 mjl (void)setuid(0); 592 1.48 mjl else 593 1.48 mjl (void)setuid(pwd->pw_uid); 594 1.52 mjl #endif 595 1.1 cgd 596 1.1 cgd if (*pwd->pw_shell == '\0') 597 1.99 christos pwd->pw_shell = __UNCONST(_PATH_BSHELL); 598 1.48 mjl #ifdef LOGIN_CAP 599 1.55 enami if ((shell = login_getcapstr(lc, "shell", NULL, NULL)) != NULL) { 600 1.55 enami if ((shell = strdup(shell)) == NULL) { 601 1.93 isaki syslog(LOG_ERR, "Cannot alloc mem"); 602 1.95 christos sleepexit(EXIT_FAILURE); 603 1.48 mjl } 604 1.48 mjl pwd->pw_shell = shell; 605 1.48 mjl } 606 1.48 mjl #endif 607 1.48 mjl 608 1.1 cgd (void)setenv("HOME", pwd->pw_dir, 1); 609 1.1 cgd (void)setenv("SHELL", pwd->pw_shell, 1); 610 1.48 mjl if (term[0] == '\0') { 611 1.99 christos const char *tt = stypeof(tty); 612 1.48 mjl #ifdef LOGIN_CAP 613 1.55 enami if (tt == NULL) 614 1.48 mjl tt = login_getcapstr(lc, "term", NULL, NULL); 615 1.48 mjl #endif 616 1.48 mjl /* unknown term -> "su" */ 617 1.71 itojun (void)strlcpy(term, tt != NULL ? tt : "su", sizeof(term)); 618 1.55 enami } 619 1.1 cgd (void)setenv("TERM", term, 0); 620 1.1 cgd (void)setenv("LOGNAME", pwd->pw_name, 1); 621 1.1 cgd (void)setenv("USER", pwd->pw_name, 1); 622 1.51 mjl 623 1.48 mjl #ifdef LOGIN_CAP 624 1.52 mjl setusercontext(lc, pwd, pwd->pw_uid, LOGIN_SETPATH); 625 1.48 mjl #else 626 1.1 cgd (void)setenv("PATH", _PATH_DEFPATH, 0); 627 1.48 mjl #endif 628 1.51 mjl 629 1.10 brezak #ifdef KERBEROS5 630 1.57 aidan if (krb5tkfile_env) 631 1.57 aidan (void)setenv("KRB5CCNAME", krb5tkfile_env, 1); 632 1.10 brezak #endif 633 1.1 cgd 634 1.12 jtc if (tty[sizeof("tty")-1] == 'd') 635 1.12 jtc syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 636 1.12 jtc 637 1.5 cgd /* If fflag is on, assume caller/authenticator has logged root login. */ 638 1.40 ross if (rootlogin && fflag == 0) { 639 1.1 cgd if (hostname) 640 1.1 cgd syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", 641 1.1 cgd username, tty, hostname); 642 1.1 cgd else 643 1.55 enami syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", 644 1.55 enami username, tty); 645 1.40 ross } 646 1.1 cgd 647 1.89 wiz #if defined(KERBEROS5) 648 1.60 thorpej if (KERBEROS_CONFIGURED && !quietlog && notickets == 1) 649 1.1 cgd (void)printf("Warning: no Kerberos tickets issued.\n"); 650 1.1 cgd #endif 651 1.1 cgd 652 1.1 cgd if (!quietlog) { 653 1.99 christos const char *fname; 654 1.48 mjl #ifdef LOGIN_CAP 655 1.48 mjl fname = login_getcapstr(lc, "copyright", NULL, NULL); 656 1.55 enami if (fname != NULL && access(fname, F_OK) == 0) 657 1.48 mjl motd(fname); 658 1.48 mjl else 659 1.55 enami #endif 660 1.69 itojun (void)printf("%s", copyrightstr); 661 1.48 mjl 662 1.48 mjl #ifdef LOGIN_CAP 663 1.93 isaki fname = login_getcapstr(lc, "welcome", NULL, NULL); 664 1.93 isaki if (fname == NULL || access(fname, F_OK) != 0) 665 1.48 mjl #endif 666 1.93 isaki fname = _PATH_MOTDFILE; 667 1.93 isaki motd(fname); 668 1.48 mjl 669 1.5 cgd (void)snprintf(tbuf, 670 1.5 cgd sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pwd->pw_name); 671 1.1 cgd if (stat(tbuf, &st) == 0 && st.st_size != 0) 672 1.1 cgd (void)printf("You have %smail.\n", 673 1.1 cgd (st.st_mtime > st.st_atime) ? "new " : ""); 674 1.1 cgd } 675 1.1 cgd 676 1.48 mjl #ifdef LOGIN_CAP 677 1.48 mjl login_close(lc); 678 1.48 mjl #endif 679 1.48 mjl 680 1.1 cgd (void)signal(SIGALRM, SIG_DFL); 681 1.1 cgd (void)signal(SIGQUIT, SIG_DFL); 682 1.1 cgd (void)signal(SIGINT, SIG_DFL); 683 1.1 cgd (void)signal(SIGTSTP, SIG_IGN); 684 1.1 cgd 685 1.1 cgd tbuf[0] = '-'; 686 1.71 itojun (void)strlcpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ? 687 1.71 itojun p + 1 : pwd->pw_shell, sizeof(tbuf) - 1); 688 1.1 cgd 689 1.24 lukem /* Wait to change password until we're unprivileged */ 690 1.24 lukem if (need_chpass) { 691 1.29 mycroft if (!require_chpass) 692 1.24 lukem (void)printf( 693 1.24 lukem "Warning: your password has expired. Please change it as soon as possible.\n"); 694 1.29 mycroft else { 695 1.38 mrg int status; 696 1.38 mrg 697 1.29 mycroft (void)printf( 698 1.24 lukem "Your password has expired. Please choose a new one.\n"); 699 1.38 mrg switch (fork()) { 700 1.38 mrg case -1: 701 1.38 mrg warn("fork"); 702 1.95 christos sleepexit(EXIT_FAILURE); 703 1.38 mrg case 0: 704 1.92 mrg execl(_PATH_BINPASSWD, "passwd", NULL); 705 1.95 christos _exit(EXIT_FAILURE); 706 1.38 mrg default: 707 1.38 mrg if (wait(&status) == -1 || 708 1.38 mrg WEXITSTATUS(status)) 709 1.95 christos sleepexit(EXIT_FAILURE); 710 1.38 mrg } 711 1.29 mycroft } 712 1.24 lukem } 713 1.1 cgd 714 1.44 aidan #ifdef KERBEROS5 715 1.57 aidan if (login_krb5_get_tickets) 716 1.57 aidan k5_write_creds(); 717 1.44 aidan #endif 718 1.92 mrg execlp(pwd->pw_shell, tbuf, NULL); 719 1.95 christos err(EXIT_FAILURE, "%s", pwd->pw_shell); 720 1.1 cgd } 721 1.57 aidan 722 1.89 wiz #if defined(KERBEROS5) 723 1.10 brezak /* 724 1.10 brezak * This routine handles cleanup stuff, and the like. 725 1.10 brezak * It exists only in the child process. 726 1.10 brezak */ 727 1.97 christos static void 728 1.80 xtraeme dofork(void) 729 1.10 brezak { 730 1.95 christos pid_t child, wchild; 731 1.38 mrg 732 1.95 christos switch (child = fork()) { 733 1.95 christos case 0: 734 1.38 mrg return; /* Child process */ 735 1.95 christos case -1: 736 1.95 christos err(EXIT_FAILURE, "Can't fork"); 737 1.95 christos /*NOTREACHED*/ 738 1.95 christos default: 739 1.95 christos break; 740 1.95 christos } 741 1.38 mrg 742 1.55 enami /* 743 1.55 enami * Setup stuff? This would be things we could do in parallel 744 1.55 enami * with login 745 1.55 enami */ 746 1.95 christos if (chdir("/") == -1) /* Let's not keep the fs busy... */ 747 1.95 christos err(EXIT_FAILURE, "Can't chdir to `/'"); 748 1.10 brezak 749 1.38 mrg /* If we're the parent, watch the child until it dies */ 750 1.95 christos while ((wchild = wait(NULL)) != child) 751 1.95 christos if (wchild == -1) 752 1.95 christos err(EXIT_FAILURE, "Can't wait"); 753 1.10 brezak 754 1.38 mrg /* Cleanup stuff */ 755 1.38 mrg /* Run kdestroy to destroy tickets */ 756 1.57 aidan if (login_krb5_get_tickets) 757 1.57 aidan k5destroy(); 758 1.10 brezak 759 1.38 mrg /* Leave */ 760 1.95 christos exit(EXIT_SUCCESS); 761 1.10 brezak } 762 1.1 cgd #endif 763 1.1 cgd 764 1.97 christos static void 765 1.80 xtraeme checknologin(char *fname) 766 1.1 cgd { 767 1.12 jtc int fd, nchars; 768 1.1 cgd char tbuf[8192]; 769 1.1 cgd 770 1.48 mjl if ((fd = open(fname ? fname : _PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { 771 1.1 cgd while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 772 1.1 cgd (void)write(fileno(stdout), tbuf, nchars); 773 1.95 christos sleepexit(EXIT_SUCCESS); 774 1.1 cgd } 775 1.1 cgd } 776 1.1 cgd 777 1.66 christos static void 778 1.80 xtraeme usage(void) 779 1.79 christos { 780 1.79 christos (void)fprintf(stderr, 781 1.79 christos "Usage: %s [-Ffps] [-a address] [-h hostname] [username]\n", 782 1.79 christos getprogname()); 783 1.95 christos exit(EXIT_FAILURE); 784 1.79 christos } 785
Indexes created Tue Sep 30 20:09:53 GMT 2025